The Hiscox Cyber Readiness Report
US Businesses Take Steps to Strengthen Cyber Defense, But Blind Spots Remain
The annual Hiscox Cyber Readiness Report 2020 reveals that businesses in the US are increasing spending and activity to reduce their vulnerability to cyber events, but there is more work to be done. The report surveyed over 5,000 professionals in the US, UK, Belgium, France, Germany, the Netherlands, Spain and Ireland who are responsible for their company’s cyber security.
In this year’s report, we see a battle emerging between cyber criminals and businesses, with businesses gaining some ground in terms of the number of attacks. Amongst the 1,000 professionals surveyed in the US, only 41% of respondents reported that their organization experienced at least one cyber incident or breach compared to 53% last year. However, the criminals have the upper hand in terms of the cost of attacks, since the median cost of all cyber incidents in the US has risen from $10,000 last year to $50,000 in this year's figures.
Businesses have been pushed into an unforgiving new world in 2020, and cyber criminals won’t offer any form of relief. COVID-19 has created new, lucrative opportunities for cyber attacks, and businesses must evolve their cyber strategies to remain shielded.
Cyber Product Head, Hiscox USA
Prevent attacks for the best possible outcome
For most organizations, prevention starts with a robust cyber security strategy and budget. US businesses increased their average spending on cyber security within their IT budgets by 61%, to an average spend of $2.4m. Of the countries surveyed, the US and Ireland tied for the highest average cyber security spend.
Detect threats early to reduce costs
Identifying and isolating an attack keeps costs down, and the best way to do that is to enhance the cyber knowledge of the entire organization. The number of firms who were ranked as cyber experts more than doubled to 24% this year, while cyber novices fell to 58% compared to 73% last year.
Despite this positive trend in cyber readiness, nearly half (48%) of all respondents agree their organization remains at risk of suffering a cyber incident.
Mitigate the damage when an attacks occurs
The good news is that businesses are fighting back more than ever before when there is an attack. While 39% of US organizations reported they did not take action after a security incident last year, this figure fell dramatically to 3% in this year’s report. Actions taken include regularly evaluating and discussing security and privacy, increasing spending on employee training and cultural change, and creating additional security and audit requirements.
Make sure your company is cyber ready. This year, 64% of US businesses reported already having cyber coverage, with another 16% planning to purchase it in the next year. Cyber insurance coverage can include training resources and emergency response tools to reduce the impact of a breach on your bottom line.
Learn how your business stacks up and how you can be more cyber ready by downloading the full report.
The content is provided for general informational purposes and is not intended to and does not constitute business or legal advice to any particular person or entity.